Data Masking API
Data Masking is a powerful tool for detecting and masking sensitive information in text. It can identify and redact emails, phone numbers, SSNs, credit cards, IP addresses, URLs, and dates.
The Data Masking API provides reliable and fast access to data masking data through a simple REST interface. Built for developers who need consistent, high-quality results with minimal setup time.
To use Data Masking, you need an API key. You can get one by creating a free account and visiting your dashboard.
POST Endpoint
https://api.apiverve.com/v1/datamaskingCode Examples
Here are examples of how to call the Data Masking API in different programming languages:
curl -X POST \
"https://api.apiverve.com/v1/datamasking" \
-H "X-API-Key: your_api_key_here" \
-H "Content-Type: application/json" \
-d '{
"text": "Contact John Doe at [email protected] or call 555-123-4567. His SSN is 123-45-6789."
}'const response = await fetch('https://api.apiverve.com/v1/datamasking', {
method: 'POST',
headers: {
'X-API-Key': 'your_api_key_here',
'Content-Type': 'application/json'
},
body: JSON.stringify({
"text": "Contact John Doe at [email protected] or call 555-123-4567. His SSN is 123-45-6789."
})
});
const data = await response.json();
console.log(data);import requests
headers = {
'X-API-Key': 'your_api_key_here',
'Content-Type': 'application/json'
}
payload = {
"text": "Contact John Doe at [email protected] or call 555-123-4567. His SSN is 123-45-6789."
}
response = requests.post('https://api.apiverve.com/v1/datamasking', headers=headers, json=payload)
data = response.json()
print(data)const https = require('https');
const url = require('url');
const options = {
method: 'POST',
headers: {
'X-API-Key': 'your_api_key_here',
'Content-Type': 'application/json'
}
};
const postData = JSON.stringify({
"text": "Contact John Doe at [email protected] or call 555-123-4567. His SSN is 123-45-6789."
});
const req = https.request('https://api.apiverve.com/v1/datamasking', options, (res) => {
let data = '';
res.on('data', (chunk) => data += chunk);
res.on('end', () => console.log(JSON.parse(data)));
});
req.write(postData);
req.end();<?php
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'https://api.apiverve.com/v1/datamasking');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_CUSTOMREQUEST, 'POST');
curl_setopt($ch, CURLOPT_HTTPHEADER, [
'X-API-Key: your_api_key_here',
'Content-Type: application/json'
]);
curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode({
'text': 'Contact John Doe at [email protected] or call 555-123-4567. His SSN is 123-45-6789.'
}));
$response = curl_exec($ch);
curl_close($ch);
$data = json_decode($response, true);
print_r($data);
?>package main
import (
"fmt"
"io"
"net/http"
"bytes"
"encoding/json"
)
func main() {
payload := map[string]interface{}{
"text": "Contact John Doe at [email protected] or call 555-123-4567. His SSN is 123-45-6789."
}
jsonPayload, _ := json.Marshal(payload)
req, _ := http.NewRequest("POST", "https://api.apiverve.com/v1/datamasking", bytes.NewBuffer(jsonPayload))
req.Header.Set("X-API-Key", "your_api_key_here")
req.Header.Set("Content-Type", "application/json")
client := &http.Client{}
resp, err := client.Do(req)
if err != nil {
panic(err)
}
defer resp.Body.Close()
body, _ := io.ReadAll(resp.Body)
fmt.Println(string(body))
}require 'net/http'
require 'json'
uri = URI('https://api.apiverve.com/v1/datamasking')
http = Net::HTTP.new(uri.host, uri.port)
http.use_ssl = true
payload = {
"text": "Contact John Doe at [email protected] or call 555-123-4567. His SSN is 123-45-6789."
}
request = Net::HTTP::Post.new(uri)
request['X-API-Key'] = 'your_api_key_here'
request['Content-Type'] = 'application/json'
request.body = payload.to_json
response = http.request(request)
puts JSON.pretty_generate(JSON.parse(response.body))using System;
using System.Net.Http;
using System.Text;
using System.Threading.Tasks;
class Program
{
static async Task Main(string[] args)
{
using var client = new HttpClient();
client.DefaultRequestHeaders.Add("X-API-Key", "your_api_key_here");
var jsonContent = @"{
""text"": ""Contact John Doe at [email protected] or call 555-123-4567. His SSN is 123-45-6789.""
}";
var content = new StringContent(jsonContent, Encoding.UTF8, "application/json");
var response = await client.PostAsync("https://api.apiverve.com/v1/datamasking", content);
response.EnsureSuccessStatusCode();
var responseBody = await response.Content.ReadAsStringAsync();
Console.WriteLine(responseBody);
}
}Authentication
The Data Masking API requires authentication via API key. Include your API key in the request header:
X-API-Key: your_api_key_hereInteractive API Playground
Test the Data Masking API directly in your browser with live requests and responses.
Parameters
The following parameters are available for the Data Masking API:
Mask Sensitive Data
| Parameter | Type | Required | Description | Default | Example |
|---|---|---|---|---|---|
text | string | required | The text containing sensitive data to mask | - | |
typesPremium | array | optional | Array of data types to mask (default: all types) |
Response
The Data Masking API returns responses in JSON, XML, YAML, and CSV formats:
Example Responses
{
"status": "ok",
"error": null,
"data": {
"masked": "Contact John Doe at [EMAIL] or call [PHONE]. His SSN is [SSN].",
"detected": {
"email": 1,
"phone": 1,
"ssn": 1,
"credit_card": 0,
"ip_address": 0,
"url": 0,
"date": 0
}
}
}<?xml version="1.0" encoding="UTF-8"?>
<response>
<status>ok</status>
<error xsi:nil="true" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"/>
<data>
<masked>Contact John Doe at [EMAIL] or call [PHONE]. His SSN is [SSN].</masked>
<detected>
<email>1</email>
<phone>1</phone>
<ssn>1</ssn>
<credit_card>0</credit_card>
<ip_address>0</ip_address>
<url>0</url>
<date>0</date>
</detected>
</data>
</response>
status: ok
error: null
data:
masked: Contact John Doe at [EMAIL] or call [PHONE]. His SSN is [SSN].
detected:
email: 1
phone: 1
ssn: 1
credit_card: 0
ip_address: 0
url: 0
date: 0
| key | value |
|---|---|
| masked | Contact John Doe at [EMAIL] or call [PHONE]. His SSN is [SSN]. |
| detected | {email:1,phone:1,ssn:1,credit_card:0,ip_address:0,url:0,date:0} |
Response Structure
All API responses follow a consistent structure with the following fields:
| Field | Type | Description | Example |
|---|---|---|---|
status | string | Indicates whether the request was successful ("ok") or failed ("error") | ok |
error | string | null | Contains error message if status is "error", otherwise null | null |
data | object | null | Contains the API response data if successful, otherwise null | {...} |
Learn more about response formats →
Response Data Fields
When the request is successful, the data object contains the following fields:
| Field | Type | Sample Value | Description |
|---|---|---|---|
masked | string | - | |
detected | object | - | |
â”” email | number | - | |
â”” phone | number | - | |
â”” ssn | number | - | |
â”” credit_card | number | - | |
â”” ip_address | number | - | |
â”” url | number | - | |
â”” date | number | - |
Headers
Required and optional headers for Data Masking API requests:
| Header Name | Required | Example Value | Description |
|---|---|---|---|
X-API-Key | required | your_api_key_here | Your APIVerve API key. Found in your dashboard under API Keys. |
Accept | optional | application/json | Specify response format: application/json (default), application/xml, or application/yaml |
User-Agent | optional | MyApp/1.0 | Identifies your application for analytics and debugging purposes |
X-Request-ID | optional | req_123456789 | Custom request identifier for tracking and debugging requests |
Cache-Control | optional | no-cache | Control caching behavior for the request and response |
GraphQL AccessALPHA
Access Data Masking through GraphQL to combine it with other API calls in a single request. Query only the data masking data you need with precise field selection, and orchestrate complex data fetching workflows.
Credit Cost: Each API called in your GraphQL query consumes its standard credit cost.
POST https://api.apiverve.com/v1/graphqlquery {
datamasking(
input: {
text: "Contact John Doe at [email protected] or call 555-123-4567. His SSN is 123-45-6789."
}
) {
masked
detected {
email
phone
ssn
credit_card
ip_address
url
date
}
}
}Note: Authentication is handled via the x-api-key header in your GraphQL request, not as a query parameter.
CORS Support
The Data Masking API supports Cross-Origin Resource Sharing (CORS) with wildcard configuration, allowing you to call Data Masking directly from browser-based applications without proxy servers.
| CORS Header | Value | Description |
|---|---|---|
Access-Control-Allow-Origin | * | Accepts requests from any origin |
Access-Control-Allow-Methods | * | Accepts any HTTP method |
Access-Control-Allow-Headers | * | Accepts any request headers |
Browser Usage: You can call Data Masking directly from JavaScript running in the browser without encountering CORS errors. No proxy server or additional configuration needed.
Rate Limiting
Data Masking API requests are subject to rate limiting based on your subscription plan. These limits ensure fair usage and maintain service quality for all Data Masking users.
| Plan | Rate Limit | Description |
|---|---|---|
| Free | 5 requests/min | Hard rate limit enforced - exceeding will return 429 errors |
| Starter | No Limit | Production ready - standard traffic priority |
| Pro | No Limit | Production ready - preferred traffic priority |
| Mega | No Limit | Production ready - highest traffic priority |
Learn more about rate limiting →
Rate Limit Headers
When rate limits apply, each Data Masking response includes headers to help you track your usage:
| Header | Description |
|---|---|
X-RateLimit-Limit | Maximum number of requests allowed per time window |
X-RateLimit-Remaining | Number of requests remaining in the current window |
X-RateLimit-Reset | Unix timestamp when the rate limit window resets |
Handling Rate Limits
Free Plan: When you exceed your rate limit, Data Masking returns a 429 Too Many Requests status code. Your application should implement appropriate backoff logic to handle this gracefully.
Paid Plans: No rate limiting or throttling applied. All paid plans (Starter, Pro, Mega) are production-ready.
Best Practices for Data Masking:
- Monitor the rate limit headers to track your Data Masking usage (Free plan only)
- Cache data masking responses where appropriate to reduce API calls
- Upgrade to Pro or Mega for guaranteed no-throttle Data Masking performance
Note: Data Masking rate limits are separate from credit consumption. You may have credits remaining but still hit rate limits when using Data Masking on Free tier.
Error Codes
The Data Masking API uses standard HTTP status codes to indicate success or failure:
| Code | Message | Description | Solution |
|---|---|---|---|
200 | OK | Request successful, data returned | No action needed - request was successful |
400 | Bad Request | Invalid request parameters or malformed request | Check required parameters and ensure values match expected formats |
401 | Unauthorized | Missing or invalid API key | Include x-api-key header with valid API key from dashboard |
403 | Forbidden | API key lacks permission or insufficient credits | Check credit balance in dashboard or upgrade plan |
429 | Too Many Requests | Rate limit exceeded (Free: 5 req/min) | Implement request throttling or upgrade to paid plan |
500 | Internal Server Error | Server error occurred | Retry request after a few seconds, contact support if persists |
503 | Service Unavailable | API temporarily unavailable | Wait and retry, check status page for maintenance updates |
Learn more about error handling →
Need help? Contact support with your X-Request-ID for assistance.
Integrate Data Masking with SDKs
Get started quickly with official Data Masking SDKs for your preferred language. Each library handles authentication, request formatting, and error handling automatically.
Available for Node.js, Python, C#/.NET, and Android/Java. All SDKs are open source and regularly updated.
Integrate Data Masking with No-Code API Tools
Connect the Data Masking API to your favorite automation platform without writing code. Build workflows that leverage data masking data across thousands of apps.
All platforms use your same API key to access Data Masking. Visit our integrations hub for step-by-step setup guides.
Frequently Asked Questions
How do I get an API key for Data Masking?
How many credits does Data Masking cost?
Each successful Data Masking API call consumes credits based on plan tier. Check the pricing section above for the exact credit cost. Failed requests and errors don't consume credits, so you only pay for successful data masking lookups.
Can I use Data Masking in production?
The free plan is for testing and development only. For production use of Data Masking, upgrade to a paid plan (Starter, Pro, or Mega) which includes commercial use rights, no attribution requirements, and guaranteed uptime SLAs. All paid plans are production-ready.
Can I use Data Masking from a browser?
What happens if I exceed my Data Masking credit limit?
When you reach your monthly credit limit, Data Masking API requests will return an error until you upgrade your plan or wait for the next billing cycle. You'll receive notifications at 80% and 95% usage to give you time to upgrade if needed.
People who used this also used...
Based on your interest in Data Masking, you might also like these APIs:
